COMMAND

klprfax_filter follows symlink blindly

SYSTEMS AFFECTED

kdeutils-2.2-2

PROBLEM

wang yuan (r0gue) reported: when using klprfax_filter, it would create a temp file, /tmp/klprfax.filter, but the temporary file was not created safely; this vulnerability could be exploited to overwrite arbitrary files!

SOLUTION

This was announced by the KDE team on Nov 9. The solution is to remove the suid bit from efax. It seems to only need it for accessing the lock files and the modem.
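
The unsafe temporary-file pattern described under PROBLEM, next to a hardened replacement, as an added example (not the KDE script's own code). It assumes a POSIX shell with `mktemp`; the sandbox directory stands in for /tmp, and the victim file and function names are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo. A private sandbox directory stands in for /tmp; the
# "victim" file and function names are hypothetical.

# Unsafe pattern: fixed, predictable name. ">" follows an existing symlink
# and truncates whatever it points to.
spool_unsafe() {   # $1 = temp directory, data on stdin
    cat > "$1/klprfax.filter"
}

# Hardened pattern: mktemp creates a brand-new file (exclusive create,
# mode 0600) under an unpredictable name, so a link placed in advance at a
# guessed name is never opened.
spool_safe() {     # $1 = temp directory, data on stdin; prints the new path
    f=$(mktemp "$1/klprfax.XXXXXX") || return 1
    cat > "$f" || { rm -f "$f"; return 1; }
    printf '%s\n' "$f"
}

# Reports whether the victim file kept its content after the write.
victim_state() {   # $1 = victim path
    if [ "$(cat "$1")" = "important" ]; then echo intact; else echo clobbered; fi
}

# Runs both patterns against a directory where the fixed name already exists
# as a symlink, and prints "unsafe=<state> safe=<state>".
demo() {
    box=$(mktemp -d) || return 1
    printf 'important\n' > "$box/victim"
    ln -s "$box/victim" "$box/klprfax.filter"

    printf 'fax data\n' | spool_unsafe "$box"
    r1=$(victim_state "$box/victim")

    printf 'important\n' > "$box/victim"     # restore before the second run
    printf 'fax data\n' | spool_safe "$box" > /dev/null || { rm -rf "$box"; return 1; }
    r2=$(victim_state "$box/victim")

    rm -rf "$box"
    printf 'unsafe=%s safe=%s\n' "$r1" "$r2"
}

demo
```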